Basics: The purpose of a proxy server
A proxy server serves as a representative for the requests of a client or for requests to a web server and forwards them. In addition, a proxy server, thanks to its deputy role, has a wide range of tasks.
Visible and transparent proxy server
Essentially, a visible proxy server differs from a transparent proxy server in the network infrastructure. With a transparent proxy server, at least one communication partner cannot see that an additional instance (proxy) is available as a central communication bridge. The communication partners assume that they are communicating directly. The proxy server is therefore “invisible”. The network infrastructure is configured so that all inquiries are automatically forwarded via a proxy instance. The proxy then acts as a representative communication partner.
A visible proxy server, on the other hand, appears as a visible, independent instance and is addressed via its own public IP address.
- Save load distribution and bandwidth
Application areas for proxy servers:
A cache is used as a temporary storage facility in which frequently used data is temporarily stored for faster access. Caching enables it to respond more quickly to data that is used regularly (e.g. websites) or to repetitive inquiries. This saves bandwidth and shortens response times.
In addition, it is able to control the bandwidth and load distribution. This is made possible by assigning bandwidths to clients and thus making optimal use of resources. For example, the blocking of transmission capacity by one or more clients can be prevented. If there are several lines or interfaces, the proxy ensures uniform distribution of the load.
Proxy servers offer network administrators the option of actively filtering and controlling local data traffic. For example, certain websites can be blocked or influenced by using white lists and black lists. The local users behind the proxy are therefore not granted access to these websites. When you visit blocked websites, you may be redirected to the fact that the desired website is not available.
The client sends a request to it. This processes the request and forwards it to the router with the IP address of the proxy server. Ultimately, the router transfers the request to the Internet. In this way, the actual IP address of the client is not published and the client’s origin can partly be obscured.
Forward Proxy (Protection of the client)
In this case, a proxy server is implemented between a local area network (LAN) and the Internet. Local end devices can thus be secured from the public network. All outgoing requests are first sent to the proxy server, which receives these requests and forwards them to the target computer on the Internet as the sender using its IP address (proxy IP address). The proxy server thus acts as a representative and also takes on a control function.
Reverse Proxy (Protection of the server)
Web servers can also be protected, for example against Denial of Service attacks by using a proxy Server is implemented for access from the public network. Clients from the Internet therefore have no direct access to the target server. Inquiries are first received by the proxy, checked and, if they are harmless, forwarded to the server in the background.
Application level & circuit level
Application level proxy:
This type of proxy has certain functions that can analyze data packets. This procedure is therefore on the seventh layer (application layer) of the OSI model (Open System Interconnection). This type of proxy server therefore has the function of blocking, changing and forwarding certain data packets in accordance with preconfigured rules. An application-level proxy is also called an application filter.
Circuit level proxy:
The Circuit Level Proxy works on the 3-4 layer (network and transport layer) of the OSI model and is therefore not authorized to analyze packet data. This type of proxy is often used as a firewall filter module that makes it possible to filter data packets via ports and IP addresses. He cannot influence communication himself. The filtering is based on the ALL-OR-NOTHING principle. Data packets are either allowed through or blocked.
Proxy vs vpn
VPNs usually work on layers 2-3 of the OSI model and manage your entire Traffic, while proxy servers work on layers 3, 4 and 7 depending on the configuration and only redirect the data traffic of a specific application or a specific browser. VPNs can be slower than proxy servers because they also encrypt the data.